Security audit is requesting that these vulnerabilities be disabled.
Reviewing the httpd.conf config files, I see no evidence of TRACE and/or
TRACK, so I'm assuming these are on by default, and need to be disabled by
one of the suggested methods.
All of our HTTP instances are Apache 2.2.11(i5).
Am I correct that I need to re-visit every HTTP instance, adding one of
the two recommendations below.

This mailing list archive is Copyright 1997-2016 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact